You’re correct that many major providers have moved away from supporting OpenID in favor of OAuth 2.0 and OpenID Connect, which require the service being logged into to have a preexisting relationship with the login provider. However, there are still some services where you can obtain an OpenID URL for authentication on OpenID-enabled websites.
1. Launchpad
Launchpad by Canonical continues to operate as an OpenID provider. By creating a Launchpad account, you can use your profile page URL as your OpenID URL. This allows you to log into other services that support OpenID without needing any prior arrangement between the services and Launchpad.
2. Steam
Steam provides an OpenID 2.0 implementation. Your Steam Community profile URL can serve as an OpenID identifier. While primarily used for gaming-related services, it can be used on any site that supports OpenID authentication with Steam.
3. Yandex
Yandex offers OpenID authentication for its users. If you have a Yandex account, you can use it as an OpenID provider to log into services that accept OpenID URLs.
4. Blogger (Blogspot)
If you have a blog on Blogger, your blog URL can act as an OpenID. This can be useful if you’re already using Blogger and want to leverage that for authentication on OpenID-enabled sites.
5. OpenID.ee
OpenID.ee is an OpenID provider that allows users to authenticate using their Estonian national ID card or Mobile ID. It’s region-specific but can be used on any site that accepts OpenID.
6. VeriSign PIP
While many such services have shut down, it’s worth checking if VeriSign Personal Identity Provider (PIP) is still operational, as it was a notable OpenID provider in the past.
7. Self-Hosted Solutions
If you’re comfortable with a bit of technical setup, you can host your own OpenID provider. Software like:
- phpMyID: A lightweight, single-user OpenID provider.
- OpenID for WordPress: Allows your WordPress site to act as an OpenID provider.
This approach requires hosting a website and some configuration but gives you full control over your OpenID identity.
8. Using Your Own Domain with Delegation
Even without hosting a full OpenID server, you can use OpenID delegation to use your domain as your OpenID identifier while delegating the authentication to another OpenID provider (like Launchpad). This involves adding specific HTML tags to your website’s header:
Replace yourusername with your Launchpad username. This way, your domain becomes your OpenID URL.
Considerations
- Security: Be cautious when selecting an OpenID provider. Ensure it has a good reputation for security and privacy.
- Longevity: Given that OpenID 2.0 is being deprecated in favor of newer protocols, the availability of OpenID providers may continue to diminish.
- Support: Not all OpenID-enabled sites support every OpenID provider due to implementation differences.
Alternative Approaches
- IndieAuth: While not exactly the same as traditional OpenID, IndieAuth allows you to use your own domain to authenticate using OAuth. It might be a viable alternative if you’re already considering domain ownership.
- Contact Site Administrators: If a site you use relies heavily on OpenID, consider reaching out to them to suggest updating their authentication methods to support OAuth 2.0 or OpenID Connect, which are more widely supported by major providers.
Conclusion
While the options are more limited than before, you can still obtain an OpenID URL from providers like Launchpad, Steam, and Yandex. Self-hosting or domain delegation are also viable paths if you’re willing to manage some technical details. Keep in mind the shifting landscape of authentication protocols and plan accordingly for the future.
